Exchanging Encrypted Mails

Post navigation

2016 released Snowden is a biographical movie fictionalised life story of Former NSA employee Edward Snowden. The movie reveals illegal surveillance techniques of the government organization. Also, harversting email and search history data is revealed by Snowden, too. This paranoia might convince Zuckerberg. He covered his webcam and mic with tape.

Snowden

Beyond the paranoia, doubt often forces more rigorous scientific analysis and leads discoveries. In other words, thoroughly conscious ignorance. So, we can protect mails even if they are harvested by third parties. In this post, we will mention an implementation of exchanging encrypted mails.

We will build an exchanging encrypted mail implementation, and run it via gmail infrastructure. In order to work on gmail, you need to allow less secure applications to access your gmail account. You should skip this step if you work on an alternative mail server. Also, we would develop this implementation by referencing Java Mail API.

Mail Delivery

Suppose that Bob would like to send Alice lyrics of Careless Whisper. However, Bob would not like mail content to be seen by anybody else. That’s why, Bob will encrypt the lyrics of the song. The following code will encrypt body of a mail and deliver it.

Maximum allowed key length of AES algorithm is 128 bit in Java Cryptography Extension. That’s why, emails are encrypted with 128 bit AES. This means 1.02×1018 years required to crack the ciphertext. In other words, it is almost billion years. Additionally, modification in policy files increases the key length uplimits. Thus, 256 bit AES requires 3.31×018 years to crack.

Finished? Not Yet!

Key Exchange

Although, implemenation is built and run successfully, it poses a big problem in practice. The both party must be aware of secret key. The point is that how they exchange key. Even if this difficulty is troubleshooted manually, either parties use same key every time or troubleshootig method should be applied repeatly. The both solutions are vulnerable. Alternatively, we would apply key exchange procedure for every mail delivery. This approach is inspired from PGP work scheme.

Firstly, Alice must generate both private and public key pair because she is the recipient one. Then, she publishes her public key. Thus, Bob can use this public key to encrypt his one time secret key. The following code would generate private and public key pair for RSA algorithm.

So, we’ve built an implementation for exchanging secure mails. In this way, we would add an additional security layer for mail exchanging. This approach could be adapted into voice or audio based transmissions. Final form of the implementation including key exchange capability is shared on my GitHub profile.